PayPal uses new text message security verification

Internet users in the UK now have extra security on their PayPal accounts after Verisign implemented a system which uses a text message or physical security token.

When PayPal customers log into their online accounts, they will have the option to start using an additional security credential, such as a one time password for every time they sign in.

During an online session, the generated password is texted to them to be entered into the user's log-in interface along with the user's usual account name and password, a form of two-factor authentication.

Users will be able to authenticate using two different methods - a physical security key token or a mobile device, which will both generate the one time password needed.

Garreth Griffith, head of risk management at PayPal, said: "Offering the security key via text message is really important as we want to make it as convenient and quick as possible.

"You just need your mobile phone to use it, which prevents having to carry another gadget with you."

Users whose devices support SMS text messaging and subscribe to SMS services with mobile providers can receive the one time passwords without special software.

In addition to the SMS functionality and token, the authentication service could support a wide range of credentials, including stand-alone tokens, software tokens for mobile phones and credit card-size form factors.